Help Me With Hipaa

In our rapidly evolving digital environment, cybersecurity misconfigurations pose significant threats to organizations of all sizes. Misconfigurations can expose systemic weaknesses and make organizations vulnerable to cyber attacks. In this episode, we will review a report from the NSA and CISA highlighting some of the most common misconfigurations that need to be addressed. More info at HelpMeWithHIPAA.com/431

When vendors have incidents that disrupt their operations, it’s like having ghosts haunt a business's continuity plan, just waiting to make an eerie appearance. That's why it is crucial for businesses to include vendor-related security incidents or downtime in their business continuity plans. One company’s nightmare can be contagious to its customers. More info at HelpMeWithHIPAA.com/430

In today's interconnected digital world, keeping up with cybersecurity alerts is like having a trusty, cyber-savvy sidekick by your side. As our reliance on technology continues to grow, staying ahead of the game is essential. Cybersecurity alerts are like the Bat-Signal of the digital realm, lighting up to warn you of impending threats. Proactive vigilance in the face of these alerts is not merely a best practice; it's an imperative in safeguarding sensitive data, privacy, and the integrity of our increasingly digital lives. More info at HelpMeWithHIPAA.com/429

Web tracking tools that collect or share personally identifiable health information can pose significant implications when it comes to HIPAA privacy and security. Unauthorized tracking can compromise patient confidentiality and privacy, potentially exposing sensitive health data. Today, we are doing a follow up from our previous podcast on web tracking tools and discuss a few recent articles and guidance released by HHS, FTC and OCR. More info at HelpMeWithHIPAA.com/428

For MSPs, grasping HIPAA compliance isn't just a good idea; it's a necessity. Neglecting it can lead to legal issues and lost opportunities in the healthcare IT sector. Picture unintentionally mishandling patient data and facing legal consequences – that's a risk you can't ignore. A solid understanding of HIPAA can boost your reputation and credibility within the healthcare industry. To acquire this essential knowledge, consider enrolling in the Certified in HIPAA for MSP (CHMSP) course offered by HIPAA for MSPs. It's a valuable resource that equips MSPs with the expertise needed to excel in this specialized field. More info at HelpMeWithHIPAA.com/427

Cybersecurity Awareness Month is just around the corner. It's that time of year when we all take a moment to up our game in the digital world. Whether it's creating stronger passwords, being mindful of phishing emails, or updating our software regularly, it's a reminder that our online safety matters. So, listen to this week’s podcast to find ways to keep cybersecurity top of mind and make sure our digital lives are as secure as possible! More info at HelpMeWithHIPAA.com/426

Assuming large organizations with lots of healthcare clients have a proper HIPAA privacy and security program in place could be disastrous. OCR recently settled investigations with LA Care, a large health plan in California, for $1.3 million and a 3 year corrective action plan.  Join us as we discuss this settlement and learn from others' mistakes. More info at HelpMeWithHIPAA.com/425

Securing older, legacy technologies from cyber threats is extremely important in today's interconnected digital world. Older devices often lack the robust security features of modern counterparts, making them vulnerable targets for hackers seeking to exploit weaknesses. Today, we review HSCC’s Health Industry Cybersecurity – Managing Legacy Technology Security (HIC-MaLTS) guide that provides recommendations to address the legacy technology challenges facing healthcare. More info at HelpMeWithHIPAA.com/424

In the digital age, cybersecurity has become a critical concern for businesses and individuals alike. Today, we review the latest release from 405(d), Check Your Cyber Pulse. This cybersecurity cosmo quiz helps small organizations evaluate their cyber pulse regarding the 10 cybersecurity practices of HICP and decide where they should focus efforts to improve their cybersecurity behaviors. More info at HelpMeWithHIPAA.com/423

Ransomware attacks have become a prevailing threat to businesses of all sizes, causing significant financial losses, reputational damage, and operational disruptions. In this episode, we talk with Robert Cioffi, COO and Co-Founder of Progressive Computing, who shares how they navigated through the Kaseya ransomware attack. He shares invaluable insights into their journey of resilience, recovery, and the crucial lessons learned along the way. More info at HelpMeWithHIPAA.com/422

In a crisis situation, organizations must be prepared to communicate effectively in these challenging situations. Karen Phillips, of Phillips & Marek, joins us to discuss strategies and best practices for managing data breaches and how to communicate with stakeholders, including internal staff, patients and the media. More info at HelpMeWithHIPAA.com/421

Are you worried about the safety of your data and the potential security risks to your organization? In this episode, we talk with Jen Stone of SecurityMetrics to explore the importance of performing technical and nontechnical evaluations of your security program. Jen helps to explain the benefits of thorough evaluations and how they can safeguard your organization against potential vulnerabilities. More info at HelpMeWithHIPAA.com/420

As in years past, we dive into IBM’s 2023 Cost of a Data Breach Report. This annual study sheds light on the ever-evolving landscape of data breaches and provides valuable insights for organizations looking for ways to focus their efforts and money to help prevent and reduce the costs associated with a data breach. More info at HelpMeWithHIPAA.com/419

We all know how important it is to keep our personal information and important data secure. MFA can add an extra layer of protection to our digital lives. But does HIPAA require MFA? The short answer: no, but yes. Listen in to hear how best to lock your cyber door against cyber attacks. More info at HelpMeWithHIPAA.com/418

Verizon has released their 2023 Data Breach Investigations Report (DBIR). This year they focused more on an analysis of actual data breaches - the types of incidents causing the breaches, the motivations of bad actors, how they tend to carry out their attacks and what data they are grabbing. We always look forward to reading this report because it not only has a lot of great information, but also because it contains a good bit of humor. You know we like that. More info at HelpMeWithHIPAA.com/417

In the epic battle between cyber threats and the healthcare industry, it's the patients who suffer the most. There is an urgent need for new regulations in the healthcare industry to address the challenges posed by outdated technology and cybersecurity threats. Today, we talk with Josh Corman about the need for new ideas and meaningful changes to protect hospitals and ensure the safety of critical healthcare functions. More info at HelpMeWithHIPAA.com/416

BAs play a vital role in healthcare organizations as they often provide services to covered entities that require them to access PHI. But, they often don’t fully understand their own HIPAA compliance obligations. OCR recently released a resolution agreement against a BA that proves BAs will be held accountable for their obligations under HIPAA. More info at HelpMeWithHIPAA.com/415

Checklists are important for many people who deal with cybersecurity. David and Donna explain that this new checklist is not just for healthcare, but for all businesses to deal with cybersecurity. They discuss these CPGs, which are Cybersecurity Performance Goals recently published by CISA, and how they can help strengthen your cybersecurity regardless of the size and complexity of your organization. More info at HelpMeWithHIPAA.com/414

Healthcare cybersecurity is no walk in the park! Today, we explore the release of the "Health Industry Cybersecurity Recommendations for Government Policy and Programs" by HSCC. It provides suggestions and ideas on how government policy and programs can support the health sector in beefing up their cybersecurity defenses to help keep our health systems safe from cyber threats.   More info at HelpMeWithHIPAA.com/413

Vacation is a time to relax and get away from everyday worries, but it's important to take steps to ensure that your cybersecurity and privacy are not at risk. Today, we will review vacation and travel security tips from the National Cybersecurity Alliance to help you stay safe during your travels. More info at HelpMeWithHIPAA.com/412